2 matches found
SQL Injection
melisplatform/melis-cms is vulnerable to SQL injection.The vulnerability is due to improper validation of the idPage parameter in the /melis/MelisCms/PageEdition/getTinyTemplates endpoint, which allows an attacker to retrieve, create, update, or delete database records through crafted SQL queries...
CVE-2025-10351 SQL injection vulnerability in Melis Platform
SQL injection vulnerability based on the melis-cms module of the Melis platform from Melis Technology. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'idPage' parameter in the '/melis/MelisCms/PageEdition/getTinyTemplates' endpoint...